diff --git a/app/layout.tsx b/app/layout.tsx index b8e3a33..4757367 100644 --- a/app/layout.tsx +++ b/app/layout.tsx @@ -20,7 +20,7 @@ export const metadata: Metadata = { metadataBase: new URL('https://greywall.io'), title: 'Greywall: Sandbox for AI Agents', description: - 'Container-free, default-deny sandboxing with real-time observability for AI agents on Linux and macOS. Five kernel-enforced security layers in one command. Open source.', + 'Frictionless sandboxing with real-time observability for AI agents on Linux and macOS. One command, nothing to configure. Open source.', icons: { icon: [ { url: '/icon.svg', type: 'image/svg+xml' }, @@ -31,7 +31,7 @@ export const metadata: Metadata = { }, openGraph: { title: 'Greywall: Sandbox for AI Agents', - description: 'Container-free, default-deny sandboxing with real-time observability for AI agents. Five kernel-enforced security layers in one command.', + description: 'Frictionless sandboxing with real-time observability for AI agents. One command, nothing to configure.', url: 'https://greywall.io', siteName: 'Greywall', type: 'website', @@ -40,7 +40,7 @@ export const metadata: Metadata = { twitter: { card: 'summary_large_image', title: 'Greywall: Sandbox for AI Agents', - description: 'Container-free, default-deny sandboxing with real-time observability for AI agents. Five kernel-enforced security layers in one command.', + description: 'Frictionless sandboxing with real-time observability for AI agents. One command, nothing to configure.', images: ['/og-image.png'], }, alternates: { 
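Review bot: The new `description` strings in `metadata`, `openGraph` and `twitter` say "nothing to configure", which conflicts with the "Nothing is allowed unless you say so" heading this same commit adds in components/control.tsx. If the tool ships a default policy that already grants some access (the FAQ says the agent can read and write project files), the copy should say that rather than imply zero setup and zero access at once; `One command, safe defaults you can tighten. Open source.` would avoid the contradiction. The same applies to all three hunks here. The removed "default-deny" and "kernel-enforced" wording was also the only place the metadata named the enforcement model, so consider keeping one of those terms for readers evaluating the tool.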
@@ -71,7 +71,7 @@ const jsonLd = { '@id': 'https://greywall.io/#software', name: 'Greywall', description: - 'Container-free, default-deny sandboxing with real-time observability and dynamic controls for AI agents on Linux and macOS.', + 'Frictionless sandboxing with real-time observability and dynamic controls for AI agents on Linux and macOS.', applicationCategory: 'SecurityApplication', operatingSystem: 'Linux, macOS', url: 'https://greywall.io', diff --git a/components/comparison.tsx b/components/comparison.tsx index 9323ae6..81f79d9 100644 --- a/components/comparison.tsx +++ b/components/comparison.tsx @@ -148,8 +148,7 @@ export function Comparison() { Not all sandboxes are equal.

- Greywall combines filesystem isolation, network control, syscall filtering, - and real-time monitoring in a single tool. Here's how it stacks up. + Security that adds friction doesn't get used. Here's how Greywall compares to the alternatives.

diff --git a/components/control.tsx b/components/control.tsx index 3f56c03..bf0838e 100644 --- a/components/control.tsx +++ b/components/control.tsx @@ -48,11 +48,11 @@ export function Control() {

- Default deny. Explicit allow. + Nothing is allowed unless you say so.

- Agents inherit your full permissions. Greywall flips this: nothing is accessible - unless explicitly granted. Filesystem, network, and commands all start closed. + Greywall gives teams and AI agents the freedom to operate within precise security + boundaries.

@@ -121,7 +121,7 @@ export function Control() {

Full network namespace isolation. The process can't see the host network. - Every packet hits the TUN device and routes through GreyProxy, including + Every packet hits the TUN device and routes through Greywall, including binaries that ignore proxy env vars.
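Review bot: Replacing "GreyProxy" with "Greywall" in this paragraph (and again in the hunk at -162, the FAQ answers and the slide alt texts) hides which component makes the domain allow/deny decision. The text still describes two separate mechanisms, a kernel-level block and a proxy that applies domain rules, and a reader assessing the trust boundary needs to know that the second is a proxy process rather than kernel enforcement. If the rename is a branding decision, `routes through Greywall's proxy, including` and `Greywall's proxy then applies domain-level allow/deny rules.` keep that distinction. The surrounding JSX lies outside the hunk.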

@@ -162,7 +162,7 @@ export function Control() {

All outbound traffic is blocked at the kernel. Only the proxy address is - reachable. GreyProxy then applies domain-level allow/deny rules. + reachable. Greywall then applies domain-level allow/deny rules.

)} @@ -239,8 +239,8 @@ export function Control() {

{platform === 'linux' - ? 'Uses strace to trace filesystem access. No special permissions needed. Auto-generates a template from observed paths.' - : 'Uses macOS Endpoint Security (eslogger) to trace access. Auto-generates a least-privilege template from observed paths.'} + ? 'No need to figure out which paths to allow. Traces what your agent accesses via strace and generates a least-privilege policy automatically. No special permissions needed.' + : 'No need to figure out which paths to allow. Traces what your agent accesses via macOS eslogger and generates a least-privilege policy automatically.'}
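Review bot: Both new strings call the generated policy "least-privilege" and open with "No need to figure out which paths to allow", but a policy built from traced accesses allows whatever the agent touched during the traced run, wanted or not. If the agent read a credential file or a path outside the project while being traced, that path presumably ends up in the policy. I would add a review step to each branch, for example `... and generates a policy from the observed paths. Review it before enforcing.`, and drop "least-privilege" unless the generator prunes beyond what was observed.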

diff --git a/components/faq.tsx b/components/faq.tsx index 0821376..3003852 100644 --- a/components/faq.tsx +++ b/components/faq.tsx 
@@ -7,22 +7,22 @@ const faqs = [ { question: 'What is Greywall?', answer: - 'Greywall is a command-line tool that sandboxes AI coding agents. You wrap your agent in it — greywall -- claude — and it enforces a default-deny security policy at the kernel level. The agent can read and write your project files, but it cannot touch your SSH keys, read your .env, or make network calls you haven\'t approved. It works on Linux and macOS, requires no containers, and is open source under the Apache 2.0 license. The basic promise is modest: your AI assistant should not have more access to your computer than you would give a stranger at a coffee shop.', + 'Greywall is a command-line tool that sandboxes AI coding agents. You wrap your agent in it — greywall -- claude — and nothing is accessible unless you explicitly allow it. The agent can read and write your project files, but it cannot touch your SSH keys, read your .env, or make network calls you haven\'t approved. It works on Linux and macOS, requires no containers, and is open source under the Apache 2.0 license. The basic promise is modest: your AI assistant should not have more access to your computer than you would give a stranger at a coffee shop.', }, { question: 'How do I sandbox my AI coding agent?', answer: - 'Install Greywall, then prefix your command: greywall -- claude, greywall -- opencode, or any other CLI agent. That is the whole process. Greywall operates at the OS level, so it does not need plugins, extensions, or agent-specific configuration. The agent launches inside a kernel-enforced sandbox and runs normally — it just cannot reach things you have not explicitly allowed. If you want to see what the agent is trying to access, open the GreyProxy dashboard.', + 'Install Greywall, then prefix your command: greywall -- claude, greywall -- opencode, or any other CLI agent. That is the whole process. Greywall operates at the OS level, so it does not need plugins, extensions, or agent-specific configuration. 
The agent launches inside a kernel-enforced sandbox and runs normally — it just cannot reach things you have not explicitly allowed. If you want to see what the agent is trying to access, open the Greywall dashboard.', }, { question: 'How is Greywall different from running agents in Docker?', answer: - 'Containers were designed to ship software, not to babysit it. When you run an AI agent inside Docker, you get isolation, but you lose access to your local tools, editor integrations, and filesystem. Every dependency change means rebuilding an image. Greywall takes a different approach: the agent runs natively on your machine with full access to your toolchain, but the kernel enforces boundaries around what it can reach. Think of it as the difference between locking someone in a room versus letting them walk around the house with certain doors locked. You also get real-time visibility into what the agent is doing, which Docker does not offer.', + 'Containers were designed to ship software, not to babysit it. When you run an AI agent inside Docker, you get isolation, but you lose access to your local tools, editor integrations, and filesystem. Every dependency change means rebuilding an image. That friction is why most people just don\'t bother. Greywall takes a different approach: the agent runs natively on your machine with full access to your toolchain, but the kernel enforces boundaries around what it can reach. Think of it as the difference between locking someone in a room versus letting them walk around the house with certain doors locked. You also get real-time visibility into what the agent is doing, which Docker does not offer.', }, { question: 'Does Greywall work on macOS?', answer: - 'Yes. On macOS, Greywall uses Seatbelt — Apple\'s built-in kernel sandbox, the same one that constrains App Store applications. It generates a deny-by-default sandbox profile for each session, covering filesystem access, network connections, and IPC. 
Network traffic is routed through GreyProxy via environment variables. On Linux, there are more layers available (Bubblewrap, Landlock, Seccomp BPF, eBPF, and a TUN device for network capture), but the macOS implementation provides strong isolation using only built-in OS capabilities. No additional packages required.', + 'Yes. On macOS, Greywall uses Seatbelt — Apple\'s built-in kernel sandbox, the same one that constrains App Store applications. It generates a sandbox profile for each session that blocks everything unless explicitly allowed, covering filesystem access, network connections, and IPC. Network traffic is routed through Greywall via environment variables. On Linux, there are more layers available (Bubblewrap, Landlock, Seccomp BPF, eBPF, and a TUN device for network capture), but the macOS implementation provides strong isolation using only built-in OS capabilities. No additional packages required.', }, { question: 'Is Greywall open source?', diff --git a/components/hero.tsx b/components/hero.tsx index 2c13839..874d5cc 100644 --- a/components/hero.tsx +++ b/components/hero.tsx @@ -18,7 +18,7 @@ export function Hero() { Greywall your agent & let it cook.
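Review bot: In the first FAQ answer, the new clause "nothing is accessible unless you explicitly allow it" is followed directly by "The agent can read and write your project files", so the text contradicts itself unless the project directory is allowed by default. State the default explicitly, e.g. `and nothing outside your project directory is accessible unless you explicitly allow it` (assuming that is the default; the policy itself is not visible in this diff). Separately, the macOS answer says traffic is routed "via environment variables" without saying what happens to a process that ignores them, while control.tsx makes a point of covering such binaries on Linux. One sentence on whether the Seatbelt profile blocks those direct connections would close that gap.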

- Container-free sandboxing with real-time observability & dynamic controls, for Linux & MacOS. + Frictionless sandboxing with real-time observability & dynamic controls, for Linux & macOS.

@@ -33,6 +33,9 @@ export function Hero() { Go version + + Product Hunt +
diff --git a/components/layers.tsx b/components/layers.tsx index a9182e4..0b47501 100644 --- a/components/layers.tsx +++ b/components/layers.tsx @@ -46,7 +46,7 @@ const macosLayers = [ icon: Shield, name: 'Seatbelt Sandbox', tag: 'Core', - desc: 'macOS kernel sandbox with dynamically generated profiles. Default-deny policy with explicit allowlists for filesystem, network, IPC, and process operations.', + desc: 'macOS kernel sandbox with dynamically generated profiles. Explicit allowlists for filesystem, network, IPC, and process operations.', detail: 'macOS native', }, { @@ -93,7 +93,7 @@ export function Layers() {
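Review bot: The shortened `desc` for "Seatbelt Sandbox" now says only "Explicit allowlists for ..." and no longer states what happens to operations that are not on the list. An allowlist is a security boundary only if everything else is denied, and the hunk at -93 in this file keeps that statement in plain words ("blocks everything unless explicitly allowed"). Use the same phrasing here, e.g. `Blocks everything unless explicitly allowed: filesystem, network, IPC, and process operations.`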

{platform === 'linux' ? 'Each layer operates independently. A bug in one is caught by another. No single point of failure. Every constraint is enforced at the kernel level.' - : 'macOS Seatbelt enforces deny-by-default policies before any syscall completes. The sandbox profile is generated per-session with rules tailored to your project.'} + : 'macOS Seatbelt blocks everything unless explicitly allowed, before any syscall completes. The sandbox profile is generated per-session with rules tailored to your project.'}

diff --git a/components/observability.tsx b/components/observability.tsx index 1189c22..b05460d 100644 --- a/components/observability.tsx +++ b/components/observability.tsx @@ -8,27 +8,27 @@ const slides = [ { label: 'Dashboard', src: '/dashboard.png', - alt: 'GreyProxy dashboard showing total requests, allowed, blocked, and allow rate stats', + alt: 'Greywall dashboard showing total requests, allowed, blocked, and allow rate stats', }, { label: 'Pending', src: '/pending_requests.png', - alt: 'GreyProxy pending network requests with Allow and Deny controls for each domain', + alt: 'Greywall pending network requests with Allow and Deny controls for each domain', }, { label: 'Rules', src: '/rules.png', - alt: 'GreyProxy domain rules configuration showing allow and deny policies per source', + alt: 'Greywall domain rules configuration showing allow and deny policies per source', }, { label: 'Activity', src: '/activity.png', - alt: 'GreyProxy activity log showing real-time TCP connections with status, source, destination, and duration', + alt: 'Greywall activity log showing real-time TCP connections with status, source, destination, and duration', }, { label: 'Conversations', src: '/conversations.png', - alt: 'GreyProxy conversations view showing agent interactions with tool calls and results', + alt: 'Greywall conversations view showing agent interactions with tool calls and results', }, ] @@ -82,12 +82,13 @@ export function Observability() {

- See every network connection. + See every file access and network connection.

- You can't predict which domains your agent will reach for. GreyProxy captures - every outbound connection and lets you allow or deny them in real time, without - restarting the session. + You can't predict which files your agent will read or which domains it will reach + for. Greywall learns what the agent needs on your filesystem automatically and + captures every outbound connection, letting you adjust policies in real time + without restarting the session.
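Review bot: The new heading promises "See every file access", but the body only says Greywall "learns what the agent needs on your filesystem automatically", and the five slides in the hunk above all show network views (requests, pending domains, rules, TCP activity, conversations). Nothing visible here shows the user a record of file accesses. Either narrow the heading to what the dashboard shows, e.g. `See every network connection. Learn every file path.`, or add a slide and a sentence for the file-access view if one exists. "Adjust policies in real time" also now reads as covering filesystem rules, which the removed text claimed only for network connections.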

diff --git a/components/problem.tsx b/components/problem.tsx index bc172ca..e25a32b 100644 --- a/components/problem.tsx +++ b/components/problem.tsx @@ -119,14 +119,17 @@ export function Problem() { {/* Resolution: Verification creates trust */}
-
+

+ Run in YOLO mode without risking anything outside your project. +

+

+ The security layer around your tools should be independent of the company selling you the AI. + Greywall gives you complete observability into + what your agent touches and full control over what it can reach. +

+
The act of verification creates trust.
-

- Greywall gives you complete observability into - every interaction between a model and your system, as well as an - ergonomic mechanism for control. -
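Review bot: "Run in YOLO mode without risking anything outside your project" is an absolute guarantee that the rest of the site does not support. By the FAQ's own description the agent can write project files and reach any approved domain, so project contents (including secrets kept in the project tree) can still leave the machine through an allowed destination, and files the agent writes can be run later outside the sandbox. A bounded claim such as `Run in YOLO mode with access limited to your project and the domains you approve.` is accurate and still makes the point. The hunk may continue past the last visible line.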